3 months of threat hunt ideas , hopefully enough to get a new team started , or to give an existing team a few new ideas. Go #blueteam ! #DailyThreatHunt #threathunt

User reports indicate problems with GitHub since 9:22 AM EST. How is it affecting you? #GithubDown https://t.co/AnHuuJOsNy

Github is reportedly down for hundreds of users right now. Are you one of them? #github #githubdown

AWS Outage (US-EAST-1): Explained Simply 1️⃣ Started with a DNS issue - AWS services couldn’t talk to each other. 2️⃣ This broke DynamoDB, which many other services depend on. 3️⃣ EC2 launches & Lambda jobs started failing due to the chain effect. 4️⃣ AWS fixed the DNS issue, but

“…PayPal’s crypto partner mints a whopping $300 trillion worth of stablecoins in ‘technical error’… double the world’s estimated total GDP … fixed after about 20 minutes …” 🔥🔥🔥 #paypal #bitcoin #stablecoin https://t.co/GLB3AWdReE

Our team at @Mandiant just published urgent research on an espionage campaign by China-nexus actors using the BRICKSTORM backdoor. They’ve been in victim networks undetected for over a year, targeting tech & legal sectors for IP theft and intel on US trade and national security.

"...primary objective has shifted from deploying on-premises endpoint ransomware to using cloud-based ransomware tactics..." #ransomware #cloud #azure

Well, well well, it must be another day ending in 'day'. Citrix Netscaler vulnerabilities (CVE-2025-7775 and friends) are being actively exploited and backdoored - patching is not enough. Need help determining your exposure? Reach out via our website https://t.co/gzSQETs11l

“… Recovery was hampered by the need to manually restore some AWS Transit Gateway routes…” #sentinelone outage RCA

“… critical network routes and DNS resolver rules, necessary for connecting infrastructure, were deleted as a result of a software flaw in an automated process…” #sentinelone outage RCA

Official RCA (root cause) for Sentinel One outage “…software flaw in an infrastructure control system that removed critical network routes, causing widespread loss of network connectivity within the SentinelOne platform…” https://t.co/iPuKfcoqJM #sentinelone

Official blog on outage https://t.co/iPuKfcoqJM #sentinelone

@agent_duckman @SentinelOne Geez. Sure is. Wild. https://t.co/QKTeC4vemr

Yikes @SentinelOne is hard down

MATLAB dev confirms ransomware attack behind service outage - @serghei https://t.co/0BIkzroMwC https://t.co/0BIkzroMwC

🚨 Ransomware Alert: Medusa Hits NASCAR The ransomware group Medusa has listed the National Association for Stock Car Auto Racing (NASCAR) as a victim on its leak site. 📂 The threat actors claim to have exfiltrated 1,038.70 GB of sensitive data and are demanding $4 million to

There's no reason to NOT strictly control RMM installation and usage in your environment. There are currently 272 RMMs in the LoLRMM project right now. Most orgs probably use 1 or 2, legitimately. https://t.co/NdQtIpYbIK

Microsoft is Offering FREE Azure 2025 Certification Courses! No Fee, Completely Free These 20 Courses Includes Video Tutorials, Hand's on Labs and Notes. Don't miss these courses if you want to make your career in 2025:

A threat actor slid into a network through exposed virtual network computing (VNC). Here’s what happened 👇 ✅ They deployed C:\\Users\\<redacted>\\Music\\setup.msi to install Atera & Splashtop for persistent remote access

“…threat actors dropped… ransomware payload …but the victim's EDR … quarantined it … threat actors utilized the webcam's Linux operating system to mount Windows SMB network shares … used it to encrypt the network shares over SMB, effectively circumventing the EDR …” #akira